CVE-2018-25145

MEDIUM

Microhard Systems IPn4G 1.1.0 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25145. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates an information disclosure vulnerability in Microhard Systems' cellular gateways, allowing authenticated attackers to download sensitive configuration files containing credentials and system details. The PoC uses curl commands to retrieve files like cli.conf and IPn4G.config, which expose hashed passwords and system configurations.

Description

Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows authenticated attackers to download sensitive system configuration files. Attackers can retrieve configuration files from multiple directories including '/www', '/etc/m_cli/', and '/tmp' to access system passwords and network settings.

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textwebappshardware

https://www.exploit-db.com/exploits/45036

View Code ZIP pw:eip

This exploit demonstrates an information disclosure vulnerability in Microhard Systems' cellular gateways, allowing authenticated attackers to download sensitive configuration files containing credentials and system details. The PoC uses curl commands to retrieve files like cli.conf and IPn4G.config, which expose hashed passwords and system configurations.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Microhard Systems IPn4G, IPn3Gb, VIP4Gb, Bullet-3G, Dragon-LTE (multiple versions)

Auth required

Prerequisites: Authenticated access to the device's web interface

MITRE ATT&CK

T1592 - Gather Victim Host Information T1005 - Data from Local System

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit exploit

https://www.exploit-db.com/exploits/45036

Product product

http://www.microhardcorp.com

Exploit, Third Party Advisory third-party-advisory

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5484.php

Scores

CVSS v3 6.5

EPSS 0.0040

EPSS Percentile 31.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-552

Status published

Products (12)

microhardcorp/bullet-3g_firmware 1.2.0 reva_build1032 (2 CPE variants)

microhardcorp/bullet-lte_firmware 1.2.0 build1078

microhardcorp/bulletplus_firmware 1.3.0 build1036

microhardcorp/dragon-lte_firmware 1.1.0 build1036

microhardcorp/ipn3gb_firmware 2.2.0 build2160

microhardcorp/ipn3gii_firmware 1.2.0 build1076

microhardcorp/ipn4g_firmware 1.1.0 build1098

microhardcorp/ipn4gb_firmware 1.1.6 build1184-14

microhardcorp/ipn4gb_firmware 1.1.0 rev2_build1090-2 (2 CPE variants)

microhardcorp/ipn4gii_firmware 1.2.0 build1078

... and 2 more

Published Dec 24, 2025

Tracked Since Feb 18, 2026